question

robertlinza-8719 asked

Can I configure /rdweb to use DoD PKI authentication?

I need the W2k16 /rdweb host to authenticate using DoD CAC PKI credentials. This is hosted on premise in a vSphere environment. Azure is not an option.
I want to configure access to https://fqdn/rdweb via web proxy due to enclave restrictions on a WAN not connected to the Internet. (We CAN already access the RD GW using DoD PKI from other enclaves that have different cybersecurity GW access restrictions.)
The goal is to access the RD Gateway from the RDP Connection client as an app on the /rdweb server.
I found https://docs.microsoft.com/en-us/answers/questions/137727/use-smart-card-with-rdweb-access.html - my infrastructure team says this won't work.
Is there another configuration solution that I'm missing here?

remote-desktop-services

CarlFan-MSFT answered

Hi,
Do you want to log on to the RD Web server and then open the RDP Connection client app to access the RD Gateway?
Have you configured SSO?
https://blog.matrixpost.net/sso-single-sign-on-to-your-onpremise-rds-remote-desktop-services-2016-2019-environment/
Also, in general, the RD Web Access server role works together with IIS to provide the RD Web Access website user experience for RDP users. RD Gateway is used to provide external users a secure connection.
https://community.spiceworks.com/topic/161395-remote-desktop-via-rdweb
Hope this helps and please help to accept as Answer if the response is useful.
Best Regards,
Carl


robertlinza-8719 answered

Trying to set up access w/o RD GW. Cannot use a proxy to access RD GW. I need to set up DoD PKI to authenticate /rdweb service. These links are helpful but my need is external access through a web proxy to /rdweb. RD GW is authenticating with PKI but cannot accept a proxied login.
